Purpose

Aurora Electrical & Data Services, LLC is committed to ensuring the security and integrity of

its systems and services. We value the contributions of security researchers and encourage

responsible disclosure of vulnerabilities that may affect our systems or data.

Scope

This policy applies to all digital assets and infrastructure owned or operated by Aurora. This

includes web applications, cloud environments, and internal systems.

Reporting a Vulnerability

If you believe you have discovered a security vulnerability in one of our systems, please

report it to us by emailing: security@auroraelectrical.com. Include a detailed description of

the vulnerability, steps to reproduce it, and any supporting evidence.

What to Expect

Once a report is received:

- We will acknowledge receipt within 5 business days.

- We will assess the issue and provide a status update within 10 business days.

- If validated, we will work to remediate the issue in a timely manner.

- We may request further information from the reporter during the process.

- Reporters will be notified once the issue is resolved.

Guidelines for Responsible Disclosure

To protect all users, we ask that you:

- Avoid public disclosure until we have resolved the issue.

- Do not access or modify data without authorization.

- Do not use social engineering or denial-of-service techniques.

- Act in good faith and within the bounds of the law.

Safe Harbor

We will not pursue legal action against researchers who report vulnerabilities in good faith

and in accordance with this policy.

Contact

Needs updated with appropriate contact info